Project

General

Profile

Actions

Bug #12373

closed

Update mpd5 to address vulnerabilities in < 5.9_2

Added by Viktor Gurov over 3 years ago. Updated almost 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Operating System
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
22.01
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

https://vuxml.freebsd.org/freebsd/f55921aa-10c9-11ec-8647-00e0670f2660.html:

Version 5.9_2 contains security fix for PPPoE servers. Insufficient validation of incoming PPPoE Discovery request specially crafted by unauthenticated user might lead to unexpected termination of the process. The problem affects mpd versions since 5.0. Installations not using PPPoE server configuration were not affected.

pfSense-2.6.0.a.20210914.0500 still uses mpd5 5.9_1

Actions #1

Updated by Viktor Gurov about 3 years ago

pfSense 22.01.a.20211128.0600 uses mpd5-5.9_4

Actions #2

Updated by Jim Pingle about 3 years ago

  • Status changed from New to Resolved
  • Target version set to 2.6.0
  • Plus Target Version set to 22.01
Actions #3

Updated by Jim Pingle almost 3 years ago

  • Private changed from Yes to No
Actions

Also available in: Atom PDF